Cisco Identity Services Engine (ISE) vs One Identity Safeguard comparison

The compared Cisco and One Identity solutions aren't in the same category. Cisco is ranked #1 in NAC , with an average rating of 8.3, and holds a 28.8% mindshare in the category. One Identity is ranked #3 in PAM , with an average rating of 7.2, and holds a 4.5% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 93% of One Identity users who would recommend it.

Cisco Identity Services Eng...

Read 141 Cisco Identity Services Engine (ISE) reviews

18,723 Views
12,405 Comparison Views

87% willing to recommend

One Identity Safeguard

Read 40 One Identity Safeguard reviews

3,212 Views
1,302 Comparison Views

93% willing to recommend

Cisco Identity Services Eng...

One Identity Safeguard

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Identity Services Engine (ISE) and One Identity Safeguard based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC).

To learn more, read our detailed Network Access Control (NAC) Report (Updated: November 2024).

Buyer's Guide

Network Access Control (NAC)

November 2024

Download the complete report

Helped 824,067 peers since 2012

Categories and Ranking

Cisco Identity Services Eng...

Average Rating

8.2

Reviews Sentiment

6.6

Number of Reviews

141

Ranking in other categories

Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)

One Identity Safeguard

Average Rating

8.0

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (6th), Privileged Access Management (PAM) (3rd)

Mindshare comparison

Cisco Identity Services Engine (ISE) and One Identity Safeguard aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 28.8%, down 31.6% compared to last year.
One Identity Safeguard, on the other hand, focuses on Privileged Access Management (PAM), holds 4.5% mindshare, down 5.6% since last year.

Network Access Control (NAC)

Privileged Access Management (PAM)

Featured Reviews

Bill Masci

Senior Network Admin at Iridium

Helps across a distributed network, giving you a central way of authenticating everybody

A lot of people tell you the hardware requirements for ISE are pretty substantial. If you're running a virtual environment, you're going to be dedicating quite a bit of resources to an ISE VM. That is something that could be worked on. The upgrade process is not very simple. It's pretty time-consuming. If you follow it step by step you're probably going to have a good time, but there are still a lot of things that could be a lot more user-friendly from an administrator's perspective. [They could be] easing a lot of the issues that people have. Instead of just saying the best practice is to migrate to new nodes [what would be helpful] would be to make that upgrade process easier. The UI is a lot nicer in 3.0. It's pretty slow, but for the most part, it's easy to find what you're looking for, especially things like RADIUS live logs, TACACS live logs. From a troubleshooting perspective, it's really nice finding stuff. For setting up policies, from that perspective, it could be a little bit better looking.

Read full review

Tor Nordhagen

Executive Director at Semaphore

Transparent mode for privileged sessions will greatly simplify our client's administrative situation

We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Member Access Control and the ability to integrate all Cisco wireless, Cisco networking, switches, routers, and firewalls."

"The integration with Active Directory is the most valuable feature for us."

"When you push out the policy, it is able to populate the entire network at one time."

"The most valuable feature is 801.1x and another very good feature is the TACACS."

"Cisco ISE scales exceptionally well."

"The most valuable feature is AnyConnect Posture because it scans all the programs on the workstation and checks if the antivirus is up to date, as well as the cryptographic keys on our SSD."

"The most valuable features are the NAC and the bundles that are available with Cisco ISE, such as Cisco ACS being integrated."

"For us and our clients, the most valuable features of Identity Services Engine are really around the rich contact sharing that ISE gives you."

More Cisco Identity Services Engine (ISE) pros

"The most unique and valuable features are the upstream and downstream throughput capacities; the Safeguard platform provides agile integration. In actuality, all the features are valuable. They're good, user-friendly."

"One Identity Safeguard is stable and provides great performance."

"Being able to use a proxy server is an advantage."

"The technical support is tremendous."

"Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."

"The Transparent Mode is the number one advantage of the product."

"It has greatly helped improve our security posture. Safeguard has an option where it will reset passwords on service accounts, then go out to those servers where that service account is running as a service and update the password on it. That makes password changes very easy. We can regularly change passwords now and are planning on making it an annual activity, where all the people who own service accounts will go in and make sure all their passwords get changed, updated, and reset."

"The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests."

More One Identity Safeguard pros

Cons

"Cisco could improve the GUIs on their hardware."

"It could be more intuitive in terms of how to configure the policies."

"In order to make it a ten, it should be more user-friendly. You need somebody who is knowledgeable about it to use it. It's not easy to use. We have to rely heavily on technical support."

"I think some areas where ISE could be better are perhaps in the number of integrations that they offer from a virtual standpoint, as well as having a better and more comprehensive pathway for the customer to go from a physical environment to a virtual one."

"The solution is not so user-friendly."

"In an upcoming release, it would be nice to have NAC already standard in the solution."

"The opinion of my coworkers, and it's mine as well, is that the user interface could use some tender loving care. It seems counterintuitive sometimes. If you go to the logs, it's hard to figure out which one you need to look at."

"In a future release, I would like to see network access control. That is something that customers seem to be looking for."

More Cisco Identity Services Engine (ISE) cons

"One Identity's support is not appropriately structured, and it has a lot of room to improve."

"The multilanguage functionality does not support the Arabic language, even though this solution is deployed in an Arabic region."

"The interface is better now, but it still could be improved a lot. It needs more organization, menus, automatic refresh of information, and Web 2.0."

"We have feature requests and would like to see the turnaround times on those features to be faster."

"Monitoring of the platform should be easier and more functional so that you can have a clear picture of the running service."

"Some of our users find the functionality a bit complex, and it could be made more user-friendly."

"The product uses a lot of resources in current sessions."

"There is a lack of documentation and many problems with the plugins."

More One Identity Safeguard cons

Pricing and Cost Advice

"The technology is good, but to use some of the other features, and capabilities, they request that we purchase the Cisco DNA Center. As a result, the bundled price is a little high."

"Pricing and licensing are not my expertise. As far as budgeting is concerned, we run an ELA with Cisco. It's a part of our ELA."

"It's damn expensive and the licensing is terrible... If you have perpetual licenses on 2.7 and you upgrade to 3, you are forced to go with Essentials. That is one of the issues that I'm seeing with my clients now."

"There are other cheaper options available."

"The pricing is complicated."

"There are three levels of pricing: basic, plus, and apex. Basic satisfied our needs."

"There is a license to use this solution and the price is reasonable."

"The price of Cisco ISE (Identity Services Engine) is expensive and we are thinking about changing to FortiGate."

More Cisco Identity Services Engine (ISE) pricing and cost advice

"It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."

"The pricing depends on our perspective, our budget, and, of course, the competitors we are taking into account."

"They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base."

"The full license is expensive but if you plan to use it in a big organization then it is the best option because it is more flexible."

"Its subscription cost is too much, and sometimes, it is very difficult to pitch the solution to the management for cost approval. If the cost is reduced a little bit, it would be easier. If its cost was less, many other organizations that currently cannot afford it would be able to use this technology. I'm sure many organizations around the globe are having issues with identity management, and it is a very difficult task for IT to manage privileged accounts."

"Safeguard is cheaper than CyberArk."

"The pricing is about $80,000 per 100 servers. There are few elective costs."

"Our licensing costs are on a yearly basis."

More One Identity Safeguard pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.

See recommendations

824,067 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

27%

Computer Software Company

15%

Financial Services Firm

Government

Computer Software Company

23%

Financial Services Firm

12%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?

Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...

See all answers

What are the main differences between Cisco ISE and Forescout Platform?

OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...

See all answers

How does Cisco ISE compare with Fortinet FortiNAC?

Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...

See all answers

What do you like most about One Identity Safeguard?

The identity discovery is good, and the performance is pretty good value.

See all answers

What is your experience regarding pricing and costs for One Identity Safeguard?

One Identity Safeguard is expensive. The license is around $3,000 per month.

See all answers

What needs improvement with One Identity Safeguard?

One Identity's support is not appropriately structured, and it has a lot of room to improve.

See all answers

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE)

Compared 25% of the time

Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)

Compared 20% of the time

Forescout Platform vs Cisco Identity Services Engine (ISE)

Compared 13% of the time

CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)

Compared 6% of the time

Fortinet FortiAuthenticator vs Cisco Identity Services Engine (ISE)

Compared 4% of the time

More Cisco Identity Services Engine (ISE) Competitors

CyberArk Privileged Access Manager vs One Identity Safeguard

Compared 37% of the time

WALLIX Bastion vs One Identity Safeguard

Compared 15% of the time

Delinea Secret Server vs One Identity Safeguard

Compared 10% of the time

BeyondTrust Privileged Remote Access vs One Identity Safeguard

Compared 7% of the time

Fortinet FortiAuthenticator vs One Identity Safeguard

Compared 3% of the time

More One Identity Safeguard Competitors

Product Reports

Buyer's Guide

Cisco Identity Services Engine (ISE)

December 2024

Cisco Identity Services Engine (ISE) report

Download Cisco Identity Services Engine (ISE) product report

Buyer's Guide

One Identity Safeguard

December 2024

Download One Identity Safeguard product report

Also Known As

Cisco ISE

No data available

Learn More

Cisco

One Identity

Overview

Cisco ISE is an all-in-one solution that streamlines security policy management and reduces operating costs. Cisco ISE delivers visibility and access control over users and devices across wired, wireless, and VPN connections.

Identity Services Engine enables enterprises to deliver secure network access to users and devices. It shares contextual data, such as threats and vulnerabilities, with integrated solutions from Cisco technology partners. You can see what is happening in your network, which applications are running, and more.

Features of Cisco ISE

Centralized management helps administrators configure and manage user profile characteristics - a single pane of glass for integrated management services.
Contextual identity and business policy: The rule-based attribute is a driven policy model. The goal is to provide flexible access control policies.
Wide range of access control options, including Virtual LAN (VLAN) URL redirections, and access control lists.
Supplicant-less network access: You can roll out secure network access by deriving authentication from login information across application layers.
Guest lifecycle management streamlines the experience for implementing and customizing network access for guests.
Built-in AAA services: The platform uses standard RADIUS protocol for authentication, authorization, and accounting.
Device auditing, administration, and access control provide users with access on a need-to-know and need-to-act basis. It keeps audit trails for every change in the network.
Device profiling: ISE features predefined device templates for different types of endpoints.
Internal certificate authority: Qn easy-to-deploy single console to manage endpoints and certificates.

Benefits of Cisco ISE

Cisco’s holistic approach to network access security has several advantages:

Context-based access based on your company policies. ISE creates a complete contextual identity, including attributes such as user, time, location, threat, access type, and vulnerability. This contextual identity is used to enforce a secure access policy. Administrators can apply strict control over how and when endpoints are allowed in the network.
Better network visibility via an easy-to-use, simple console. In addition, visibility is improved by storing a detailed attribute history of all endpoints connected to the network.
Comprehensive policy enforcement. ISE sets easy and flexible access rules. These rules are controlled from a central console that enforces them across the network and security infrastructure. You can define policies that differentiate between registered users and guests. The system uses group tags that enable access control on business rules instead of IP addresses.
Self-service device onboarding enables the enterprise to implement a Bring-Your-Own-Device (BYOD) policy securely. Users can manage their devices according to the policies defined by IT administrators. (IT remains in charge of provisioning and posturing to comply with security policies.)
Consistent guest experiences: You can provide guests with different levels of access from different connections. You can customize guest portals via a cloud-delivered portal editor with dynamic visual tools.

Support

You can get ISE as a physical or virtual appliance. Both deployments can create ISE clusters that create scale, redundancy, and requirements.

Licensing

Cisco ISE has four primary licences. Evaluation for up to 100 endpoints with full platform functionality. The higher tiers are Partner, Advantage and Essential.

Reviews from Real Users

"The user experience of the solution is great. It's a very transparent system. according to a PeerSpot user in Cyber Security at a manufacturing company.

Omar Z., Network & Security Engineer at an engineering company, feels that "The RADIUS Server holds the most value."

“Whether I deploy in China, the US, South Africa, or wherever, I can get all the capabilities. It allows me to directly integrate with 365, and from a communications point of view, that is a good capability," says Rammohan M., Senior Consultant at a tech services company.

Hassan A.,Technology Manager at Advanced Integrated Systems, says that "The most valuable feature is the integration with StealthWatch and DNA as one fabric."

One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University

Cavium

Buyer's Guide

Network Access Control (NAC)

November 2024

Download Free Report

Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC). Updated: November 2024.

DOWNLOAD NOW

824,067 professionals have used our research since 2012.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.